Examples and GDPR - Information Management Today

What Is Data Minimisation? Definition & Examples

IT Governance

APRIL 18, 2023

Data minimisation is a key part of information security and the GDPR (General Data Protection Regulation) in particular. Meeting the requirements The GDPR doesn’t provide specific guidance on the sorts of practices that meet the threshold of adequacy, relevance and necessity. What is data minimisation?

GDPR

GDPR Personal data Data breaches Marketing

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR

GDPR Compliance Personal data Privacy

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Even the world’s biggest businesses are not free from GDPR woes. Many businesses find it hard to implement GDPR requirements because the law is not only complex but also leaves a lot up to discretion.

GDPR

GDPR Compliance Personal data Privacy

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

How to write a GDPR privacy notice – with documentation template example

IT Governance

NOVEMBER 8, 2018

This blog was originally published before the GDPR took effect in May 2018. An integral part of EU GDPR (General Data Protection Regulation) compliance is producing appropriate documentation. When should you provide a GDPR privacy notice? How do you write a GDPR privacy policy? GDPR privacy notice. Free of charge.

GDPR

GDPR Privacy Compliance Personal data

How to write a GDPR privacy notice – with documentation template example

IT Governance

MARCH 8, 2018

An integral part of your EU General Data Protection Regulation (GDPR) compliance project is producing appropriate documentation, which includes a privacy notice. If you are just beginning your GDPR project, it is unlikely that you will be fully compliant by the time the Regulation is enforced on 25 May 2018.

GDPR

GDPR Privacy Compliance Marketing

GDPR Article 17: What Is the Right to Erasure?

IT Governance

MARCH 30, 2023

Article 17 of the GDPR (General Data Protection Regulation) plays a distinctive yet essential role in data protection law. Failure to fulfil this requirement is considered a serious breach and could be penalised under the GDPR’s upper tier of fines of €20 million (£17.5 Learn more The post GDPR Article 17: What Is the Right to Erasure?

GDPR

GDPR Personal data Compliance Government

EDPB Publishes Guidelines on Examples regarding Data Breach Notification

Hunton Privacy

JANUARY 19, 2021

On January 18, 2021, the European Data Protection Board (“EDPB”) released draft Guidelines 01/2021 on Examples regarding Data Breach Notification (the “Guidelines”). The new draft Guidelines take into account supervisory authorities’ common experiences with data breaches since the GDPR became applicable in May 2018.

Data breaches

Data breaches Personal data GDPR Risk

The EDPB Issues Guidelines Clarifying What Constitutes an International Data Transfer Under the GDPR

Hunton Privacy

NOVEMBER 23, 2021

On November 19, 2021, the European Data Protection Board (“EDPB”) published its draft Guidelines 05/2021 (the “Guidelines”) on the interplay between the application of Article 3 of the EU General Data Protection Regulation (“GDPR”), which sets forth the GDPR’s territorial scope, and the GDPR’s provisions on international data transfers.

GDPR

GDPR Personal data Marketing Government

CIPL Submits Response to the EDPB Guidelines on Examples Regarding Data Breach Notification

Hunton Privacy

MARCH 10, 2021

On March 2, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the European Data Protection Board (“EDPB”) consultation on draft guidelines on examples regarding data breach notification (the “Guidelines”). The Guidelines were adopted on January 14, 2021 for public consultation.

Data breaches

Data breaches GDPR Personal data Risk

The Irish DPC fined WhatsApp €5.5M for violating GDPR

Security Affairs

JANUARY 21, 2023

by the Irish Data Protection Commission (DPC) for violating the General Data Protection Regulation (GDPR). million (for breaches of the GDPR relating to its service).” million (for breaches of the GDPR relating to its service).” The Irish Data Protection Commission (DPC) fined Meta’s WhatsApp €5.5

GDPR

GDPR Metadata Encryption Communications

GDPR for small business: the ultimate guide

IT Governance

JULY 2, 2020

What is the GDPR? First, the UK has implemented the UK DPA (Data Protection Act) 2018 , which adopts the GDPR into national law. Second, if you process EU residents’ personal data, the GDPR still applies. Does the GDPR apply to small businesses? What does the GDPR mean for my business? A quick overview.

GDPR

GDPR Personal data Data breaches Compliance

The Re-Permissioning Dilemma Under GDPR

AIIM

JUNE 26, 2018

Now that the EU General Data Protection Regulation (GDPR) is in force organizations are ramping up their efforts to re-fresh data subject consent obtained prior to GDPR and under the EU Data Protection Directive 95/46/EC by virtue of which opt-out, or implied consent was permissible. Furthermore, the.

GDPR

GDPR Privacy Marketing Sales

Europe: EDPB issues guidelines on interplay between Article 3 and Chapter V of GDPR

DLA Piper Privacy Matters

NOVEMBER 24, 2021

On 19 November, the European Data Protection Board (‘ EDPB ‘) published, its draft Guidelines 05/2021 on the Interplay between the application of Article 3 and the provisions on international transfers as per Chapter V of the GDPR (“ Guidelines ”). This will amount to transfer under Chapter V of the GDPR.

GDPR

GDPR Personal data Access Risk

Examples of data processing activities that require a DPIA

IT Governance

JUNE 19, 2019

The GDPR (General Data Protection Regulation) requires organisations to conduct a DPIA (data protection impact assessment) whenever processing is ‘likely to result in a high risk’ to the rights and freedoms of individuals. Before we crack on with our examples, we should explain how you can identify high-risk data processing activities.

GDPR

GDPR Personal data Risk Data breaches

Europe: EDPB Guidelines on calculation of fines under GDPR – a case of evolution, not revolution?

DLA Piper Privacy Matters

MAY 23, 2022

A draft set of EDPB guidelines on the calculation of administrative fines under the GDPR is likely to lead to some further consistency among supervisory authorities on how fines are calculated – however, if adopted, the guidance leaves clear room for the current divergent approaches to continue.

GDPR

GDPR Personal data Risk IT

GDPR and The Data Governance Imperative

AIIM

SEPTEMBER 12, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. What Do the GDPR and new Privacy Laws Mean for U.S.

GDPR

GDPR Government Information governance Compliance

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant. Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant.

GDPR

GDPR Privacy Retail Personal data

CIPL and Hunton Andrews Kurth Publish Legal Note on GDPR Regulation of AI

Hunton Privacy

MARCH 13, 2020

On March 12, 2020, the Centre for Information Policy Leadership (“CIPL”), in collaboration with Hunton Andrews Kurth LLP , published its legal note, “ Artificial Intelligence and Data Protection: How the GDPR Regulates AI.”. Read the report on Artificial Intelligence and Data Protection: How the GDPR Regulates AI.

GDPR

GDPR Artificial Intelligence Paper Personal data

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

Security Affairs

JANUARY 18, 2021

fine under GDPR against the online laptop and electronic goods retailer NBB for video-monitoring employees. million fine under the GDPR against an online laptop and electronic goods retailer NBB’s (notebooksbilliger.de) for video-monitoring employees for at least a couple of years. .” SecurityAffairs – hacking, GDPR).

Retail

Retail GDPR Sales Privacy

EDPB Publishes Draft Guidelines on the Concepts of Controller and Processor under the GDPR

Data Matters

SEPTEMBER 18, 2020

On 2 September 2020, the European Data Protection Board ( EDPB ) published draft guidelines on the concepts of controller and processor under the GDPR ( Draft Guidelines ). The Draft Guidelines provide further examples of what such essential and non-essential processing may entail. The Draft Guidelines consist of two parts.

GDPR

GDPR Personal data Compliance Access

Most GDPR emails unnecessary and some illegal, say experts

The Guardian Data Protection

MAY 21, 2018

Many companies, acting based on poor legal advice, a fear of fines of up to €20m (£17.5m) and a lack of good examples to follow, have taken what they see as the safest option for hewing to the General Data Protection Regulation (GDPR) : asking customers to renew their consent for marketing communications and data processing.

GDPR

GDPR Data Privacy Privacy Communications

GDPR After the Deadline — Part 3 of 3 — How do IIM technologies fit into the GDPR puzzle?

AIIM

AUGUST 8, 2018

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. How do they assess their progress in meeting the core requirements of GDPR?

GDPR

GDPR Compliance Digital preservation Artificial Intelligence

7 steps to highly effective GDPR compliance

IT Governance

AUGUST 21, 2019

The GDPR (General Data Protection Regulation) hasn’t exactly crept up unnoticed over the past year or so, but it’s still caught many organisations by surprise. Meanwhile, although the specifics of Brexit are still unclear, one thing is certain: whatever happens, UK-based organisations will be subject to the GDPR’s requirements.

GDPR

GDPR Compliance Personal data Access

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Data Protection Report

JUNE 22, 2022

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill. The test will be relative and it appears lower than under the EU GDPR, although the precise approach is not set out in the response. However, the precise approach will be set out in the AI white paper.

GDPR

GDPR Government Personal data Risk

EDPB publishes guidance on calculating GDPR fines

Data Protection Report

JUNE 9, 2022

Whereas the previous guidance set out general principles for when to impose fines under Article 83 GDPR, the new Guidelines provide a detailed five-step methodology for calculating a starting point for a fine and clarify how to determine the turnover of an undertaking in order to harmonise the approach across Member States.

GDPR

GDPR Compliance Personal data IT

GDPR After the Deadline — Part 3 of 3 — How do IIM technologies fit into the GDPR puzzle?

AIIM

AUGUST 8, 2018

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. How do they assess their progress in meeting the core requirements of GDPR?

GDPR

GDPR Compliance Digital preservation Artificial Intelligence

How to write a GDPR data protection policy

IT Governance

FEBRUARY 7, 2018

An integral part of your EU General Data Protection Regulation (GDPR) project is producing appropriate documentation to demonstrate your compliance. For example, your data protection policy may include instructions for staff involved in collecting client data, specifying that they only collect the minimal amount required.

GDPR

GDPR Compliance Marketing

List of mandatory documents required by the GDPR

IT Governance

JULY 31, 2019

The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance with other aspects of the GDPR. Personal Data Protection Policy (Article 24).

GDPR

GDPR Data breaches Personal data Compliance

EDPB Adopts Three Sets of Guidelines in Final Form

Hunton Privacy

FEBRUARY 24, 2023

Guidelines on the Interplay Between the Application of Article 3 and the Provisions on International Transfers as per Chapter V GDPR Guidelines 05/2021 seek to clarify the interplay between the territorial scope of the GDPR, as defined in Article 3, and the provisions on international transfers in Chapter V.

GDPR

GDPR Personal data

Missing the GDPR deadline of May 2018: And then what?

Data Protector

AUGUST 19, 2017

As May 2018 looms, I’m aware of a growing number of companies that are seeking help with their GDPR compliance obligations. Many (me included) have been sent a stream of emails from self-styled “GDPR experts” containing dire warnings of ginormous fines for non-compliance. But enough of these GDPR ambulance chasers.

GDPR

GDPR Compliance Records Management Financial Services

European Commission Releases Study on GDPR Data Protection Certification Mechanisms

Hunton Privacy

APRIL 11, 2019

The European Commission (the “Commission”) has released a long-awaited study on GDPR data protection certification mechanisms (the “Study”). As we previously reported , the Commission announced its intention to look into GDPR certifications in January of 2018. Certifications continue to be a developing area under the GDPR.

GDPR

GDPR Marketing Privacy IT

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

NOVEMBER 9, 2018

In addition to data subjects’ rights to be informed, of access, to rectification, to erasure, to restrict processing, to data portability and to object, the EU’s GDPR (General Data Protection Regulation) sets out requirements relating to automated individual decision-making, including profiling. What is profiling under the GDPR?

GDPR

GDPR Personal data Financial Services Compliance

The GDPR: Everything you need to know about data controllers and data processors

IT Governance

NOVEMBER 14, 2018

Data controllers and data processors are an integral part of the GDPR. The terms ‘data controller’ and ‘data processor’ have been around for years, but it’s only since the EU GDPR (General Data Protection Regulation) took effect that they’ve been scrutinised. That’s understandable. The basics. Responsibilities of the data processor.

GDPR

GDPR Retail Data collection Personal data

ISO 27701 unlocks the path to GDPR compliance and better data privacy

IT Governance

SEPTEMBER 17, 2019

We have good news for those looking for help complying with the GDPR (General Data Protection Regulation) : new guidance has been released on how to create effective data privacy controls. For example, if an organisation collects excessive amounts of information on an individual, that’s a privacy violation. ISO 27701 and the GDPR.

Data Privacy

Data Privacy GDPR Compliance Privacy

Why GDPR compliance requires a software solution

IT Governance

NOVEMBER 7, 2019

All organisations need help complying with the GDPR (General Data Protection Regulation). Let’s take a look at what it covers and how it simplifies your GDPR requirements. Let’s delve into each of these in more detail, explaining how they fit into your organisation and your GDPR compliance practices. What is CyberComply?

GDPR

GDPR Compliance Risk Cloud

EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR

Hunton Privacy

SEPTEMBER 10, 2020

On September 7, 2020, the European Data Protection Board (“EDPB”) released draft Guidelines 07/2020 on the concepts of controller and processor in the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”). However, the GDPR has introduced new obligations on those actors.

GDPR

GDPR Personal data Data breaches Compliance

How the CCPA and GDPR Are Different

KnowBe4

SEPTEMBER 10, 2019

The California Consumer Privacy Act (CCPA) was introduced just a month after the European Union instituted the General Data Protection Regulation (GDPR), earning the CCPA the nickname of “California’s GDPR.”. While the GDPR has been in effect since May of 2018, the CCPA is on track to become effective on January 1, 2020.

GDPR

GDPR Privacy Personal data Passwords

GDPR: How the definition of personal data has changed

IT Governance

APRIL 10, 2019

On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. Let’s start with the circumstances under which the processing of personal data must meet the GDPR’s requirements. DPO as a service (GDPR). This blog has been updated to reflect industry updates.

Personal data

Personal data GDPR Education Government

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. What Do the GDPR and new Privacy Laws Mean for U.S.

GDPR

GDPR Compliance Privacy Data Privacy

The GDPR: A guide for small businesses

IT Governance

MARCH 27, 2018

Businesses are starting to panic as they try to comply with the General Data Protection Regulation (GDPR) before the May 2018 deadline. Many even believe that the GDPR won’t apply to them because they have fewer than 250 employees. Our small business guide to the GDPR should help clarify some of the key factors affecting SMEs.

GDPR

GDPR Compliance Personal data Information Security

Driving GDPR Compliance

Collibra

FEBRUARY 25, 2021

The General Data Protection Regulation (GDPR) mandates businesses to make provisions for EU citizens to exercise their right to access and control their personal data, including the export of personal data outside the EU. The GDPR impacts both data controllers (legal entities such as companies) as well as data processors (SaaS providers).

GDPR

GDPR Compliance Personal data Data Privacy

Belgian DPA Releases Report for Second Anniversary of the GDPR

Hunton Privacy

MAY 26, 2020

On the second anniversary of the EU General Data Protection Regulation (the “GDPR”), the Belgian Data Protection Authority (the “Belgian DPA”) published a Statement with some key GDPR-related numbers (the “Statement”). 5,416 data protection officer (“DPO”) notifications.

GDPR

GDPR Personal data Data breaches Compliance

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. 5-Step Process.

GDPR

GDPR Personal data Privacy Manufacturing

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. 5-Step Process.

GDPR

GDPR Personal data Privacy Manufacturing

What Is Data Minimisation? Definition & Examples

GDPR compliance checklist

Webinars

Trending Sources

How to implement the General Data Protection Regulation (GDPR)

Webinars

How to write a GDPR privacy notice – with documentation template example

How to write a GDPR privacy notice – with documentation template example

GDPR Article 17: What Is the Right to Erasure?

EDPB Publishes Guidelines on Examples regarding Data Breach Notification

The EDPB Issues Guidelines Clarifying What Constitutes an International Data Transfer Under the GDPR

CIPL Submits Response to the EDPB Guidelines on Examples Regarding Data Breach Notification

The Irish DPC fined WhatsApp €5.5M for violating GDPR

GDPR for small business: the ultimate guide

The Re-Permissioning Dilemma Under GDPR

Europe: EDPB issues guidelines on interplay between Article 3 and Chapter V of GDPR

Examples of data processing activities that require a DPIA

Europe: EDPB Guidelines on calculation of fines under GDPR – a case of evolution, not revolution?

GDPR and The Data Governance Imperative

Does your use of CCTV comply with the GDPR?

CIPL and Hunton Andrews Kurth Publish Legal Note on GDPR Regulation of AI

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

EDPB Publishes Draft Guidelines on the Concepts of Controller and Processor under the GDPR

Most GDPR emails unnecessary and some illegal, say experts

GDPR After the Deadline — Part 3 of 3 — How do IIM technologies fit into the GDPR puzzle?

7 steps to highly effective GDPR compliance

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

EDPB publishes guidance on calculating GDPR fines

GDPR After the Deadline — Part 3 of 3 — How do IIM technologies fit into the GDPR puzzle?

How to write a GDPR data protection policy

List of mandatory documents required by the GDPR

EDPB Adopts Three Sets of Guidelines in Final Form

Missing the GDPR deadline of May 2018: And then what?

European Commission Releases Study on GDPR Data Protection Certification Mechanisms

GDPR automated decision-making and profiling: what are the requirements?

The GDPR: Everything you need to know about data controllers and data processors

ISO 27701 unlocks the path to GDPR compliance and better data privacy

Why GDPR compliance requires a software solution

EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR

How the CCPA and GDPR Are Different

GDPR: How the definition of personal data has changed

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

The GDPR: A guide for small businesses

Driving GDPR Compliance

Belgian DPA Releases Report for Second Anniversary of the GDPR

German DSK Issues GDPR Fining Methodology Guidelines

German DSK Issues GDPR Fining Methodology Guidelines

Stay Connected